<?PHP
/**
 * LianPHP字符处理类库
 * 
 * @author 大春 lianwanchun@163.com
 * @version 0.1 
 * @copyright Copyright &copy; 2010 lian wan chun
 */

class String extends LianPhp {
	/**
	 * 字符串截取，支持中文和其他编码
	 *
	 * @param unknown_type $str 	需要转换的字符串
	 * @param unknown_type $start	开始位置
	 * @param unknown_type $length	截取长度
	 * @param unknown_type $charset	编码格式
	 * @param unknown_type $suffix	截断显示字符
	 * @return unknown
	 */
	public function msubstr($str, $start=0, $length, $charset="utf-8", $suffix=true){
		if($suffix)
		$suffixStr = "…";
		else
		$suffixStr = "";
		if(function_exists("mb_substr"))
		return mb_substr($str, $start, $length, $charset).$suffixStr;
		elseif(function_exists('iconv_substr')) {
			return iconv_substr($str,$start,$length,$charset).$suffixStr;
		}
		$re['utf-8']   	= "/[\x01-\x7f]|[\xc2-\xdf][\x80-\xbf]|[\xe0-\xef][\x80-\xbf]{2}|[\xf0-\xff][\x80-\xbf]{3}/";
		$re['gb2312'] 	= "/[\x01-\x7f]|[\xb0-\xf7][\xa0-\xfe]/";
		$re['gbk']    	= "/[\x01-\x7f]|[\x81-\xfe][\x40-\xfe]/";
		$re['big5']   	= "/[\x01-\x7f]|[\x81-\xfe]([\x40-\x7e]|\xa1-\xfe])/";
		preg_match_all($re[$charset], $str, $match);
		$slice = join("",array_slice($match[0], $start, $length));
		return $slice.$suffixStr;
	}

	/**
	 * 转换成js可读
	 *
	 * @param unknown_type $string
	 * @param unknown_type $show
	 * @return unknown
	 */
	public function strToJs($string, $show = true){
		$string = str_replace(array("\n","\r","\""),array('','',"\\\""),$string);
		return ($show)? "document.write(\"".$string."\");\n" : $string;
	}

	/**
	 * 输出安全的html
	 *
	 * @param str $text		HTML代码
	 * @param str $tags		允许的标签 	多标签用“|”分格
	 * @return str
	 */
	public function printHtml($text, $tags = null){
		$text	=	trim($text);
		//完全过滤注释
		$text	=	preg_replace('/<!--?.*-->/','',$text);
		//完全过滤动态代码
		$text	=	preg_replace('/<\?|\?'.'>/','',$text);
		//完全过滤js
		$text	=	preg_replace('/<script?.*\/script>/','',$text);

		$text	=	str_replace('[','&#091;',$text);
		$text	=	str_replace(']','&#093;',$text);
		$text	=	str_replace('|','&#124;',$text);
		//过滤换行符
		$text	=	preg_replace('/\r?\n/','',$text);
		//br
		$text	=	preg_replace('/<br(\s\/)?'.'>/i','[br]',$text);
		$text	=	preg_replace('/(\[br\]\s*){10,}/i','[br]',$text);
		//过滤危险的属性，如：过滤on事件lang js
		while(preg_match('/(<[^><]+)( lang|on|action|background|codebase|dynsrc|lowsrc)[^><]+/i',$text,$mat)){
			$text=str_replace($mat[0],$mat[1],$text);
		}
		while(preg_match('/(<[^><]+)(window\.|javascript:|js:|about:|file:|document\.|vbs:|cookie)([^><]*)/i',$text,$mat)){
			$text=str_replace($mat[0],$mat[1].$mat[3],$text);
		}
		if(empty($tags)) {
			$tags = 'table|td|th|tr|i|b|u|strong|img|p|br|div|strong|em|ul|ol|li|dl|dd|dt|a';
		}
		//允许的HTML标签
		$text	=	preg_replace('/<('.$tags.')( [^><\[\]]*)>/i','[\1\2]',$text);
		//过滤多余html
		$text	=	preg_replace('/<\/?(html|head|meta|link|base|basefont|body|bgsound|title|style|script|form|iframe|frame|frameset|applet|id|ilayer|layer|name|script|style|xml)[^><]*>/i','',$text);
		//过滤合法的html标签
		while(preg_match('/<([a-z]+)[^><\[\]]*>[^><]*<\/\1>/i',$text,$mat)){
			$text=str_replace($mat[0],str_replace('>',']',str_replace('<','[',$mat[0])),$text);
		}
		//转换引号
		while(preg_match('/(\[[^\[\]]*=\s*)(\"|\')([^\2=\[\]]+)\2([^\[\]]*\])/i',$text,$mat)){
			$text=str_replace($mat[0],$mat[1].'|'.$mat[3].'|'.$mat[4],$text);
		}
		//过滤错误的单个引号
		while(preg_match('/\[[^\[\]]*(\"|\')[^\[\]]*\]/i',$text,$mat)){
			$text=str_replace($mat[0],str_replace($mat[1],'',$mat[0]),$text);
		}
		//转换其它所有不合法的 < >
		$text	=	str_replace('<','&lt;',$text);
		$text	=	str_replace('>','&gt;',$text);
		$text	=	str_replace('"','&quot;',$text);
		//反转换
		$text	=	str_replace('[','<',$text);
		$text	=	str_replace(']','>',$text);
		$text	=	str_replace('|','"',$text);
		//过滤多余空格
		$text	=	str_replace('  ',' ',$text);
		return $text;
	}
}
?>